Scan Salesforce Guest User Logs  Learn More

Securing the Applications that Power the Enterprise

Get a free Risk Assessment

Secure Salesforce Communities, Sites, and Guest Users

Salesforce’s Community and Site products are among their most widely adopted and powerful.  Salesforce admins have the ability to create powerful partner and customer communities with the click of a button.  

These communities are a great way to share information and collaborate with customers, partners, or employees.  However, without proper management and continuous security monitoring, these communities can inadvertently become a serious risk to your business.

Free Scan of your Guest User LOgs

Quickly Scan Access Across Communities

Salesforce provides your team with flexibility and capabilities to create multiple communities within your organization for vastly different business purposes.  These communities could range from customer support portals to a channel sales community for your partner ecosystem.  Needless to say, they are likely essential to enabling your business.  The adaptiveness and customization options these communities provide nonetheless introduce a new set of challenges for the teams entrusted with safeguarding them.

Discover Overly Permissive Community Users

Regardless of the amount or type of community (portal, help forum, support site, etc) you have created, it is important to remember that they are all built on top of your Salesforce org.  This means that any misconfigurations in the community site can create data exposure risks across your entire Salesforce ecosystem.  

As part of AppOmni’s discovery capabilities, we are able to provide you insightful content across all your community users and configurations and highlight misconfigurations that could lead to potential data exposure.  

As an example, we can quickly provide you information on Salesforce object access permissions for your community users, including detailed information about where and how Salesforce permissions has been granted in Salesforce.  This incredibly powerful functionality allows you to gain instant visibility into what your community users have access to as well as how they have obtained permissions, which enables you to efficiently identify and remediate overly-permissive access to sensitive standard or custom Salesforce objects.

Explore who has Access to What and Where
Learn More about Salesforce Access Modeling

Ongoing Preventative Security Policies

You are likely aware that the users of these communities require specific licensing — customer community, customer community plus, or partner community  —  based on the use cases of the community.  Each license provides varied levels of configuration and access capabilities to the underlying Salesforce org.  Assumably, these license characteristics and permissions change or drift over the normal course of business.  This creates the constant challenge of maintaining the right configuration and data policies both enable and protect the business.

Compare user access over time.
Hero Illustration

SaaS Security Best Practice Protections

We believe that providing you with continuous visibility across your Salesforce communities and sites is the first step in building a comprehensive approach to securing your Salesforce environment.  Once you have this baseline, we can help you build and enforce the protection policies. 

AppOmni provides default Salesforce Security Best Practices policies, which enable your Security and Salesforce teams to efficiently establish, create, and centrally manage Salesforce security policies. Examples of these policies include our Data Access policies (persona-based data access drift detection) and Security Posture (configuration drift detection) policies. 

An area of specific focus should be on ensuring proper access permissions for Salesforce Guest users (unauthenticated users) as well as any other external-facing Salesforce accounts.  We strongly recommend AppOmni policy development and deployment for continuous Salesforce data access monitoring for these types of external users.  Real world exploitation has demonstrated that unauthenticated Guest users that have read/edit permissions create the potential for anonymous internet users gaining the ability to interact with Guest owned records and objects.  That is why it is critical to have central visibility and enforcement around these types of community users.

Continuous Community Monitoring Strategies

Salesforce places a copious amount of emphasis on maintaining trust and providing security capabilities for their customers.  They release community and site updates on a regular basis.  These security updates are geared towards addressing risks and customer concerns.  While these updates might be available, ensuring they are configured in each org requires the attention and time of the Security and Salesforce Admin teams.    

Monitor Sharing and User Activity

AppOmni enables you to quickly identify and remediate risky configurations, improper access controls, and data exposures before an incident occurs.  The AppOmni platform provides monitoring and detection capabilities that can be used to detect community risks to your company.   For example, we can highlight permissions that would allow for a non-admin user the ability to grant community login access or let you quickly determine guest owned records that would allow for anonymous internet user access.  

Once you have set the policies you would like to monitor, we provide the ability for you to tie into your existing security monitoring technologies or automate remediation via your existing workflows.  You can now rest easy knowing that your Salesforce communities are protected with AppOmni. 

AppOmni provides central visibility into your Salesforce environment, including Guest Owned records, in minutes.

Learn More about AppOmni Monitoring

Interested in learning more about how AppOmni’s unique approach to securing Salesforce Communities, Sites, and Guest Users can help you?

Get a Demo
AppOmni for Salesforce

Get In Touch

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google
Spotify
Consent to display content from Spotify
Sound Cloud
Consent to display content from Sound